• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-434

CVE-2021-45790

February 23, 2023 by

An arbitrary file upload vulnerability was found in Metersphere v1.15.4. Unauthenticated users can upload any file to arbitrary directory, where attackers can write a cron job to execute commands.

CVE-2021-45808

February 23, 2023 by

jpress v4.2.0 allows users to register an account by default. With the account, user can upload arbitrary files to the server.

CVE-2021-45411

February 23, 2023 by

In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerability to obtain remote code execution.

CVE-2021-44967

February 23, 2023 by

A Remote Code Execution (RCE) vulnerabilty exists in LimeSurvey 5.2.4 via the upload and install plugins function, which could let a remote malicious user upload an arbitrary PHP code file.

CVE-2021-45040

February 23, 2023 by

The Spatie media-library-pro library through 1.17.10 and 2.x through 2.1.6 for Laravel allows remote attackers to upload executable files via the uploads route.

CVE-2021-44651

February 23, 2023 by

Zoho ManageEngine CloudSecurityPlus before Build 4117 allows remote code execution through the updatePersonalizeSettings component due to an improper security patch for CVE-2021-40175.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 104
  • Go to page 105
  • Go to page 106
  • Go to page 107
  • Go to page 108
  • Interim pages omitted …
  • Go to page 224
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE